On Mon, Oct 28, 2002 at 06:46:47PM -0800, Rick Moen wrote: > > >> This confusion has also come up elsewhere, on LinuxToday: > >> http://linuxtoday.com/news_story.php3?ltsn=2002-09-20-011-26-SC-SV > > > > tht just talks about arresting some poor soul ?? > > Read the talkbacks, at the bottom. Specifically, I think you're referring to http://linuxtoday.com/news_story.php3?ltsn=2002-09-20-011-26-SC-SV-0014 which talks about the difference between a rootkit and an attack-kit with a rootkit bunled in. <snip> > 2. The sophistication required to read an ifconfig manpage is mighty > low. To be exact, changing your MAC address consists of: # ifdown eth0 # ifconfig eth0 hw ether <arbitrary ethernet address> # ifup eth0 ... but that's not really the point. The average script-kiddie will (for example) have learned enough chemistry in school to make some very lethal explosives, but it doesn't occur to them to use that knowledge. In practice, even a very low security barrier will stop the 90% of clueless abusers - but (to drag this thread bag on-topic), that's no excuse for basing the security of your network on a fundamentally insecure way of identifying computers. Ultimately, the only secure assumption is that machines which you don't control will spew whatever incorrect or invalid data they like onto your network. - Andrew
Attachment:
pgpDF4pO07mKy.pgp
Description: PGP signature